Environment setup

Hardware and software requirements for virtual machine

These hardware and software requirements are for running one instance. Resources will need to increase as the load on the instance increases.

Hardware requirements

  • CPU: 4 cores or higher 
  • RAM: 8 GiB 
  • Disk: 60 GiB SSD
  • Network adapter: 1 Gbit (if an external database server is used, the latency between the NoPass™ server and the database server should not exceed 10 milliseconds).

Software requirements

  • Ubuntu Server 22.04 and higher
  • Curl
  • Unzip
  • Nmap
  • Openssl
  • Nano or vi

Database configuration

A database is necessary to house users registered with NoPass. 
The following options are available for the creation of the database(s).

  1. By default, a MySQL database will be installed and configured in a Docker container. If you would like to use this automatic option, please proceed to the next section.

     The automatic database option is appropriate in cases where fewer than 100 users are serviced.
  2. Install a remote database.
     Supported databases: MySQL, MsSQL, PostgreSQL
     1. Install one of the three supported database servers.
     2. Create a database for NoPass, and also for Keycloak if using SSO.
     3. If the database server is only being used for NoPass/Keycloak, the root user is an acceptable user login to give to NoPass.

        If your database server is being used for anything else along with NoPass, create a new user for NoPass and grant that user privileges on only the previously created database(s).

        If following online documentation, make sure that you are using information that corresponds to both the correct local host distribution (20.04, 18.04, 16..) and the correct DB server type (MySQL, MsSQL, PostgreSQL).

        If using an external database, you will need to forward the default database port on your DB host to the NoPass server IP.

 

NETWORK REQUIREMENTS

Assign a public IP address or set up port forwarding or proxy ports to the Virtual Machine where the NoPass application server will be launched.

 

NoPass server requirements

The NoPass™ server needs Internet access to communicate with third-party services. If you have a firewall to restrict traffic to or from the Internet, you need to open the following ports: 


For incoming connections, whitelist the following default ports: 

  • 443 (HTTPS) 
  • 1812 (RADIUS authentication) 
  • 1813 (RADIUS accounting) 

For outgoing connections, whitelist the following ports: 

  • 53 (DNS) 
  • 80 (HTTP) 
  • 443 (HTTPS) 
  • 25, 465 or 587 (SMTP) 
  • 1812 (RADIUS authentication) 
  • 1813 (RADIUS accounting) 

 

If you use other ports for these protocols, open those ports instead.

 

LOCAL HOST (VM) REQUIREMENTS

You can run the application on any operating system that supports Docker installation. We recommend Ubuntu Server, a variant of standard Ubuntu that is tailored for networks and services and offers high technical stability.


Install a Linux (or Windows) machine which will be used as a platform to run the NoPass™ Docker Image. (We recommend Linux Ubuntu 20.04).


NoPass Local Host Firewall:


To allow NoPass™ to communicate with the internet, you must open or forward ports specific to the environment you plan on using.

  • Port 80 (HTTP)
  • Port 443 (HTTPS)
  • Port 53 (if doing DNS from the console)

 

If you need RADIUS MFA:

  • Ports 1812 & 1813

 

Database Local Host Firewall:

If using an external database, you will need to forward the database port on your DB localhost to the NoPass™ server IP.

Forward the selected port to your NoPass™ server:

  • MySQL - default port 3306
  • MsSQL server - default port 1433
  • PostgreSQL - default port 5432

 

OS and kernel settings

To allow network connectivity between the host and the Docker containers, perform the following steps:

Open the /etc/sysctl.conf file with your favorite text editor and add this line at the bottom:

net.ipv4.conf.all.forwarding=1

To apply the change, run as root:

sysctl -p

The sysctl change is then applied and persists across reboots.
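
The following preflight check is an added example, not part of the NoPass documentation or installer. It verifies the tools from the software requirements list and confirms that the forwarding setting is both written correctly in the sysctl configuration file and active in the running kernel. The function names and the script name preflight.sh are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: preflight check for the requirements on this page.
# Function names are illustrative; this is not part of the NoPass installer.

# Tools from the "Software requirements" list (the editor is checked separately).
REQUIRED_TOOLS="curl unzip nmap openssl"

# Print each listed tool that is not on PATH; return 1 if any is missing.
missing_tools() {
    local missing=0 tool
    for tool in ${1:-$REQUIRED_TOOLS}; do
        if ! command -v "$tool" >/dev/null 2>&1; then
            echo "$tool"
            missing=1
        fi
    done
    return "$missing"
}

# Return 0 if the sysctl config file ($1) holds a valid, uncommented
# "net.ipv4.conf.all.forwarding=1" entry. Commented-out lines and lines
# that start with the word "sysctl" (a command, not a config entry) fail.
forwarding_persisted() {
    grep -Eq '^[[:space:]]*net\.ipv4\.conf\.all\.forwarding[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1" 2>/dev/null
}

# Return 0 if forwarding is enabled in the running kernel.
forwarding_active() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/conf/all/forwarding}" 2>/dev/null)" = "1" ]
}

# Run every check, report each failure, return non-zero if any check failed.
preflight() {
    local rc=0 conf="${1:-/etc/sysctl.conf}" gone
    if ! gone="$(missing_tools)"; then
        echo "missing tools:" $gone
        rc=1
    fi
    command -v nano >/dev/null 2>&1 || command -v vi >/dev/null 2>&1 ||
        { echo "missing editor: nano or vi"; rc=1; }
    forwarding_persisted "$conf" || { echo "forwarding not set in $conf"; rc=1; }
    forwarding_active || { echo "forwarding not active; run sysctl -p as root"; rc=1; }
    return "$rc"
}

# Run the checks only when invoked as: ./preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

A non-zero exit status from `./preflight.sh --run` means at least one requirement is unmet; each failure is printed on its own line.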

 

If you are experiencing any issues or have any questions about the documentation, please contact support at support@identite.us.

 
